CloudFormation plugins

Build, deploy, and operate applications on AWS with infrastructure-as-code (CDK, CloudFormation), core services (Lambda, API Gateway, Step Functions, ECS/Fargate, ECR, IAM, Bedrock with Knowledge Bases and Guardrails, AWS Blocks), observability (CloudWatch, X-Ray, CloudTrail, ADOT), messaging and streaming (SQS, SNS, EventBridge, Kinesis, MSK), AWS SDKs (boto3, JS v3, Swift), and cost optimization.

Deploy applications to AWS with architecture recommendations, cost estimates, and validated infrastructure-as-code. Generate AWS architecture diagrams as draw.io XML exports.

Build, train, and deploy AI models on Amazon SageMaker — validate datasets, select fine-tuning techniques, run SFT/DPO/RLVR training, diagnose HyperPod cluster issues (NCCL, GPU, Slurm), and deploy to endpoints or Bedrock, all from your coding assistant.

Automate GRC engineering workflows: map IaC (Terraform, Kubernetes, CloudFormation) to compliance controls (SOC2, NIST, ISO27001), generate policy-as-code (Rego, Sentinel, Checkov), collect audit evidence from AWS/Azure/GCP/K8s via scripts, scan IaC/PRs for violations with fixes, test control effectiveness, resolve framework conflicts, and transform risks into Jira tickets.

Assess SOC 2 Type I/II audit readiness for cloud environments, identify control gaps across Trust Service Criteria, generate remediation Infrastructure as Code in Terraform or CloudFormation, produce evidence checklists and matrices, map controls from documents or IaC, and compile auditor-ready packages with AWS evidence collection.

Accelerate cloud security workflows by triaging alerts, investigating incidents, analyzing IAM risks, mapping attack paths, assessing compliance gaps, and discovering sensitive data exposure across AWS, GCP, and Azure environments using the Orca Cloud Platform.

Structured development workflows for Claude Code: plan features from specs and architecture, implement with TDD and worktree isolation, verify with multi-agent review, then deploy behind feature flags with observability

Orchestrate AI agent workflows across IDEs with structured planning, implementation, testing, and documentation generation, plus infrastructure-as-code support and multi-agent coordination.

Automate full infrastructure lifecycles: generate IaC with Terraform, CDK, or CloudFormation for AWS; design CI/CD pipelines for GitHub Actions or GitLab; create idempotent Bash/Python scripts; orchestrate deployments with blue-green/canary strategies, rollbacks, health checks; implement GitOps using ArgoCD/Flux on Kubernetes.

Audit AWS IaC code in Terraform, CloudFormation, and Pulumi against all six Well-Architected Framework pillars for security, reliability, performance efficiency, cost optimization, operational excellence, and sustainability. Scan JavaScript, TypeScript, Python, Java, and Go code for OWASP Top 10 2025 vulnerabilities, reporting severity, locations, risks, and fixes.

Generate infrastructure and architecture diagrams from codebase analysis using D2, producing markdown documentation, D2 source files, and themed SVGs. Discovers IaC patterns and documentation structures, validates diagram quality, and enforces code lifecycle hooks.

Scan Terraform, CloudFormation, Bicep, Docker, Kubernetes, and Python code for security and compliance violations, then auto-fix issues or generate new ORL rules. Optionally convert HashiCorp Sentinel policies into ORL rules.

Design AWS and GCP infrastructure using Terraform and Ansible patterns, build data pipelines with dbt and SQLMesh, generate and manage RFCs plus technical specs in Markdown, and automate local dev setups including direnv, git worktrees, and port allocations for Docker services.